Password Managers Don’t Protect Secrets if Pwned
ETH Zurich and USI researchers found Bitwarden vulnerable to 12 attacks, LastPass 7, and Dashlane 6, exposing passwords if servers are compromised.
- Researchers at the Applied Cryptography Research Group at ETH Zurich revealed on Monday attacks on Bitwarden, LastPass and Dashlane that can expose or alter encrypted passwords.
- Password managers promise so‑called zero‑knowledge encryption, but researchers found unclear threat models, legacy formats and features such as sharing increased code complexity, opening exploitable gaps.
- Using a malicious‑server model, the researchers found that Bitwarden faced 12 attacks, with 7 leading to password disclosure. The three services have around 60 million users, and the researchers gave vendors 90 days to fix the gaps.
- Vendors responded and began applying fixes, with Dashlane confirming it fixed the most serious issue and removed legacy cryptography, while several manufacturers reported near-term hardening measures and remediation timelines.
- Researchers recommended onboarding new users with the latest cryptographic standards and offering existing customers migration choices, and said, "We want our work to help bring about change in this industry."
17 Articles
Researchers at ETH Zurich are investigating three popular password managers. They discover "serious security gaps" that allow them to view and modify stored access data in tests.
Millions of people rely on password managers. However, the passwords stored there are not automatically secure, as a research team at ETH Zurich (Eidgenössische Technische Hochschule, ed.) showed. It simulated hacker attacks on three well-known providers: Bitwarden, LastPass and Dashlane, whose services are used by around 60 million people worldwide. A password manager works so that behind a master password all other pa…
Security researchers are sounding the alarm again: the popular password managers Bitwarden, LastPass and Dashlane have serious gaps. Even zero-knowledge data is at risk. What users need to know now and how providers are reacting.
Researchers called on LastPass, Dashlane, and Bitwarden to up defenses after severe flaws put 60 million users at risk – here’s how each company responded
Password managers may not be as secure as many assume, with researchers uncovering multiple attack vectors across three popular systems serving 60 million users.
Coverage Details
Bias Distribution
- 50% of the sources lean Right